archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/ds/security/ntmarta/newsrc/ldapsp.cpp

587 lines
13 KiB
Raw Normal View History

Add source files
4 years ago
  1. //+---------------------------------------------------------------------------
  2. //
  3. // Microsoft Windows NT Security
  4. // Copyright (C) Microsoft Corporation, 1997 - 1998
  5. //
  6. // File: ldapsp.cpp
  7. //
  8. // Contents: LDAP Scheme Provider for Remote Object Retrieval
  9. //
  10. // History: 23-Jul-97 kirtd Created
  11. //
  12. //----------------------------------------------------------------------------
  14. #include <aclpch.hxx>
  15. #pragma hdrstop
  17. #include <ldapsp.h>
  18. #include <shlwapi.h>
  19. //+---------------------------------------------------------------------------
  20. //
  21. // Function: LdapCrackUrl
  22. //
  23. // Synopsis: Crack an LDAP URL into its relevant parts. The result must
  24. // be freed using LdapFreeUrlComponents
  25. //
  26. //----------------------------------------------------------------------------
  27. BOOL
  28. LdapCrackUrl (
  29. LPCWSTR pwszUrl,
  30. PLDAP_URL_COMPONENTS pLdapUrlComponents
  31. )
  32. {
  33. BOOL fResult = TRUE;
  34. ULONG cbUrl = INTERNET_MAX_PATH_LENGTH;
  35. LPWSTR pwszHostInfo = NULL;
  36. LPWSTR pwszDN = NULL;
  37. LPWSTR pwszAttrList = NULL;
  38. LPWSTR pwszScope = NULL;
  39. LPWSTR pwszFilter = NULL;
  40. LPWSTR pwszToken = NULL;
  41. WCHAR pwszBuffer[INTERNET_MAX_PATH_LENGTH+1];
  42. PWCHAR pwsz = pwszBuffer;
  43. DWORD len = 0;
  44. HRESULT hr;
  46. //
  47. // Capture the URL and initialize the out parameter
  48. //
  50. if ( wcsncmp( pwszUrl, LDAP_SCHEME_U, wcslen( LDAP_SCHEME_U ) ) == 0 )
  51. {
  52. __try
  53. {
  54. hr = UrlCanonicalizeW(
  55. pwszUrl,
  56. pwsz,
  57. &cbUrl,
  58. ICU_DECODE | URL_WININET_COMPATIBILITY);
  60. if(FAILED(hr))
  61. {
  62. return( FALSE );
  63. }
  64. }
  66. __except(EXCEPTION_EXECUTE_HANDLER)
  67. {
  68. SetLastError( GetExceptionCode() );
  69. return( FALSE );
  70. }
  71. }
  72. else
  73. {
  74. len = wcslen(pwszUrl);
  76. if (len > INTERNET_MAX_PATH_LENGTH)
  77. {
  78. pwsz = new WCHAR [len + 1];
  80. if (pwsz == NULL)
  81. {
  82. SetLastError(ERROR_NOT_ENOUGH_MEMORY);
  83. return( FALSE );
  84. }
  85. }
  87. wcscpy(pwsz, pwszUrl);
  88. }
  90. memset( pLdapUrlComponents, 0, sizeof( LDAP_URL_COMPONENTS ) );
  92. //
  93. // Find the host
  94. //
  96. pwszHostInfo = pwsz + sizeof( "ldap://" ) - sizeof( CHAR );
  97. if ( *pwszHostInfo == L'/' )
  98. {
  99. pwszToken = pwszHostInfo + 1;
  100. pwszHostInfo = NULL;
  101. }
  102. else
  103. {
  104. pwszHostInfo = wcstok( pwszHostInfo, L"/" );
  105. }
  107. //
  108. // Find the DN
  109. //
  111. if ( wcsncmp( pwszUrl, LDAP_SCHEME_U, wcslen( LDAP_SCHEME_U ) ) == 0 )
  112. {
  113. if ( pwszToken != NULL )
  114. {
  115. pwszDN = L"";
  117. if ( *pwszToken != L'\0' )
  118. {
  119. if ( *pwszToken == L'?' )
  120. {
  121. pwszToken += 1;
  122. }
  123. else
  124. {
  125. pwszDN = pwszToken;
  127. do
  128. {
  129. pwszToken += 1;
  130. }
  131. while ( ( *pwszToken != L'\0' ) && ( *pwszToken != L'?' ) );
  133. if ( *pwszToken == L'?' )
  134. {
  135. *pwszToken = L'\0';
  136. pwszToken += 1;
  137. }
  138. }
  139. }
  140. }
  141. else
  142. {
  143. pwszDN = wcstok( pwszToken, L"?" );
  144. pwszToken = NULL;
  145. if ( pwszDN == NULL )
  146. {
  147. SetLastError( E_INVALIDARG );
  148. return( FALSE );
  149. }
  150. }
  152. //
  153. // Check for attributes
  154. //
  156. if ( pwszToken != NULL )
  157. {
  158. if ( *pwszToken == L'?' )
  159. {
  160. pwszAttrList = L"";
  161. pwszToken += 1;
  162. }
  163. else if ( *pwszToken == L'\0' )
  164. {
  165. pwszAttrList = NULL;
  166. }
  167. else
  168. {
  169. pwszAttrList = wcstok( pwszToken, L"?" );
  170. pwszToken = NULL;
  171. }
  172. }
  173. else
  174. {
  175. pwszAttrList = wcstok( NULL, L"?" );
  176. }
  178. //
  179. // Check for a scope and filter
  180. //
  182. if ( pwszAttrList != NULL )
  183. {
  184. pwszScope = wcstok( pwszToken, L"?" );
  185. if ( pwszScope != NULL )
  186. {
  187. pwszFilter = wcstok( NULL, L"?" );
  188. }
  189. }
  191. if ( pwszScope == NULL )
  192. {
  193. pwszScope = L"base";
  194. }
  196. if ( pwszFilter == NULL )
  197. {
  198. pwszFilter = L"(objectClass=*)";
  199. }
  200. }
  201. else
  202. {
  203. if ( pwszToken != NULL )
  204. {
  205. pwszDN = pwszToken;
  206. }
  207. else
  208. {
  209. //
  210. // pwszDN = wcstok( pwszToken, L"\0" );
  211. //
  213. pwszDN = pwszHostInfo + wcslen( pwszHostInfo ) + 1;
  214. }
  216. pwszAttrList = NULL;
  217. pwszFilter = L"(objectClass=*)";
  218. pwszScope = L"base";
  219. }
  220. //
  221. // Now we build up our URL components
  222. //
  224. fResult = LdapParseCrackedHost( pwszHostInfo, pLdapUrlComponents );
  226. if ( fResult == TRUE )
  227. {
  228. fResult = LdapParseCrackedDN( pwszDN, pLdapUrlComponents );
  229. }
  231. if ( fResult == TRUE )
  232. {
  233. fResult = LdapParseCrackedAttributeList(
  234. pwszAttrList,
  235. pLdapUrlComponents
  236. );
  237. }
  239. if ( fResult == TRUE )
  240. {
  241. fResult = LdapParseCrackedScopeAndFilter(
  242. pwszScope,
  243. pwszFilter,
  244. pLdapUrlComponents
  245. );
  246. }
  248. if ( fResult != TRUE )
  249. {
  250. LdapFreeUrlComponents( pLdapUrlComponents );
  251. }
  253. if (pwsz != pwszBuffer)
  254. {
  255. delete pwsz;
  256. }
  258. return( fResult );
  259. }
  261. //+---------------------------------------------------------------------------
  262. //
  263. // Function: LdapParseCrackedHost
  264. //
  265. // Synopsis: Parse the cracked host string (pwszHost is modified)
  266. //
  267. //----------------------------------------------------------------------------
  268. BOOL
  269. LdapParseCrackedHost (
  270. LPWSTR pwszHost,
  271. PLDAP_URL_COMPONENTS pLdapUrlComponents
  272. )
  273. {
  274. LPWSTR pwszPort;
  276. if ( pwszHost == NULL )
  277. {
  278. pLdapUrlComponents->pwszHost = NULL;
  279. pLdapUrlComponents->Port = LDAP_PORT;
  280. return( TRUE );
  281. }
  283. pwszPort = wcschr( pwszHost, L':' );
  284. if ( pwszPort != NULL )
  285. {
  286. *pwszPort = L'\0';
  287. pwszPort++;
  288. }
  290. pLdapUrlComponents->pwszHost = new WCHAR [wcslen( pwszHost ) + 1];
  291. if ( pLdapUrlComponents->pwszHost == NULL )
  292. {
  293. SetLastError( E_OUTOFMEMORY );
  294. return( FALSE );
  295. }
  297. wcscpy( pLdapUrlComponents->pwszHost, pwszHost );
  298. pLdapUrlComponents->Port = 0;
  300. if ( pwszPort != NULL )
  301. {
  302. pLdapUrlComponents->Port = _wtol( pwszPort );
  303. }
  305. if ( pLdapUrlComponents->Port == 0 )
  306. {
  307. pLdapUrlComponents->Port = LDAP_PORT;
  308. }
  310. return( TRUE );
  311. }
  313. //+---------------------------------------------------------------------------
  314. //
  315. // Function: LdapParseCrackedDN
  316. //
  317. // Synopsis: Parse the cracked DN
  318. //
  319. //----------------------------------------------------------------------------
  320. BOOL
  321. LdapParseCrackedDN (
  322. LPWSTR pwszDN,
  323. PLDAP_URL_COMPONENTS pLdapUrlComponents
  324. )
  325. {
  326. pLdapUrlComponents->pwszDN = new WCHAR [wcslen( pwszDN ) + 1];
  327. if ( pLdapUrlComponents->pwszDN == NULL )
  328. {
  329. SetLastError( E_OUTOFMEMORY );
  330. return( FALSE );
  331. }
  333. wcscpy( pLdapUrlComponents->pwszDN, pwszDN );
  334. return( TRUE );
  335. }
  337. //+---------------------------------------------------------------------------
  338. //
  339. // Function: LdapParseCrackedAttributeList
  340. //
  341. // Synopsis: Parse the cracked attribute list
  342. //
  343. //----------------------------------------------------------------------------
  344. BOOL
  345. LdapParseCrackedAttributeList (
  346. LPWSTR pwszAttrList,
  347. PLDAP_URL_COMPONENTS pLdapUrlComponents
  348. )
  349. {
  350. LPWSTR pwsz;
  351. LPWSTR pwszAttr;
  352. ULONG cAttr = 0;
  353. ULONG cCount;
  355. if ( ( pwszAttrList == NULL ) || ( wcslen( pwszAttrList ) == 0 ) )
  356. {
  357. pLdapUrlComponents->cAttr = 0;
  358. pLdapUrlComponents->apwszAttr = NULL;
  359. return( TRUE );
  360. }
  362. pwsz = new WCHAR [wcslen( pwszAttrList ) + 1];
  363. if ( pwsz == NULL )
  364. {
  365. SetLastError( E_OUTOFMEMORY );
  366. return( FALSE );
  367. }
  369. wcscpy( pwsz, pwszAttrList );
  371. pwszAttr = wcstok( pwsz, L"," );
  372. while ( pwszAttr != NULL )
  373. {
  374. cAttr += 1;
  375. pwszAttr = wcstok( NULL, L"," );
  376. }
  378. pLdapUrlComponents->apwszAttr = new LPWSTR [cAttr+1];
  379. if ( pLdapUrlComponents->apwszAttr == NULL )
  380. {
  381. delete pwsz;
  382. SetLastError( E_OUTOFMEMORY );
  383. return( FALSE );
  384. }
  386. pLdapUrlComponents->cAttr = cAttr;
  387. for ( cCount = 0; cCount < cAttr; cCount++ )
  388. {
  389. pLdapUrlComponents->apwszAttr[cCount] = pwsz;
  390. pwsz += ( wcslen(pwsz) + 1 );
  391. }
  393. pLdapUrlComponents->apwszAttr[cAttr] = NULL;
  395. return( TRUE );
  396. }
  398. //+---------------------------------------------------------------------------
  399. //
  400. // Function: LdapParseCrackedScopeAndFilter
  401. //
  402. // Synopsis: Parse the cracked scope and filter
  403. //
  404. //----------------------------------------------------------------------------
  405. BOOL
  406. LdapParseCrackedScopeAndFilter (
  407. LPWSTR pwszScope,
  408. LPWSTR pwszFilter,
  409. PLDAP_URL_COMPONENTS pLdapUrlComponents
  410. )
  411. {
  412. ULONG Scope;
  414. if ( _wcsicmp( pwszScope, L"base" ) == 0 )
  415. {
  416. Scope = LDAP_SCOPE_BASE;
  417. }
  418. else if ( _wcsicmp( pwszScope, L"one" ) == 0 )
  419. {
  420. Scope = LDAP_SCOPE_ONELEVEL;
  421. }
  422. else if ( _wcsicmp( pwszScope, L"sub" ) == 0 )
  423. {
  424. Scope = LDAP_SCOPE_SUBTREE;
  425. }
  426. else
  427. {
  428. SetLastError( E_INVALIDARG );
  429. return( FALSE );
  430. }
  432. pLdapUrlComponents->pwszFilter = new WCHAR [wcslen( pwszFilter ) + 1];
  433. if ( pLdapUrlComponents->pwszFilter == NULL )
  434. {
  435. SetLastError( E_OUTOFMEMORY );
  436. return( FALSE );
  437. }
  439. wcscpy( pLdapUrlComponents->pwszFilter, pwszFilter );
  440. pLdapUrlComponents->Scope = Scope;
  442. return( TRUE );
  443. }
  445. //+---------------------------------------------------------------------------
  446. //
  447. // Function: LdapFreeUrlComponents
  448. //
  449. // Synopsis: Frees allocate URL components returned from LdapCrackUrl
  450. //
  451. //----------------------------------------------------------------------------
  452. VOID
  453. LdapFreeUrlComponents (
  454. PLDAP_URL_COMPONENTS pLdapUrlComponents
  455. )
  456. {
  457. delete pLdapUrlComponents->pwszHost;
  458. delete pLdapUrlComponents->pwszDN;
  460. if ( pLdapUrlComponents->apwszAttr != NULL )
  461. {
  462. delete pLdapUrlComponents->apwszAttr[0];
  463. }
  465. delete pLdapUrlComponents->apwszAttr;
  466. delete pLdapUrlComponents->pwszFilter;
  467. }
  470. //+---------------------------------------------------------------------------
  471. //
  472. // Function: LdapGetBindings
  473. //
  474. // Synopsis: allocates and initializes the LDAP session binding
  475. //
  476. //----------------------------------------------------------------------------
  477. BOOL
  478. LdapGetBindings (
  479. LPWSTR pwszHost,
  480. ULONG Port,
  481. DWORD dwRetrievalFlags,
  482. DWORD dwTimeout,
  483. LDAP** ppld
  484. )
  485. {
  486. BOOL fResult = TRUE;
  487. LDAP* pld;
  489. pld = ldap_initW( pwszHost, Port );
  490. if ( pld != NULL )
  491. {
  492. ULONG ldaperr;
  494. if ( dwTimeout != 0 )
  495. {
  496. ldap_set_option( pld, LDAP_OPT_TIMELIMIT, (void *)&dwTimeout );
  497. }
  499. fResult = LdapBindWithOptionalRediscover( pld, pwszHost );
  500. }
  501. else
  502. {
  503. fResult = FALSE;
  504. }
  506. if ( fResult == TRUE )
  507. {
  508. *ppld = pld;
  509. }
  511. return( fResult );
  512. }
  514. //+---------------------------------------------------------------------------
  515. //
  516. // Function: LdapFreeBindings
  517. //
  518. // Synopsis: frees allocated LDAP session binding
  519. //
  520. //----------------------------------------------------------------------------
  521. VOID
  522. LdapFreeBindings (
  523. LDAP* pld
  524. )
  525. {
  526. if ( pld != NULL )
  527. {
  528. ldap_unbind_s( pld );
  529. }
  530. }
  532. //+---------------------------------------------------------------------------
  533. //
  534. // Function: LdapBindWithOptionalRediscover
  535. //
  536. // Synopsis: bind to the host with optional DC rediscovery if the host is
  537. // NULL (which means use default via DsGetDcName)
  538. //
  539. //----------------------------------------------------------------------------
  540. BOOL
  541. LdapBindWithOptionalRediscover (LDAP* pld, LPWSTR pwszHost)
  542. {
  543. BOOL fResult = TRUE;
  544. ULONG ldaperr;
  545. ULONG ldapsaveerr;
  546. DWORD dwFlags = DS_FORCE_REDISCOVERY;
  548. ldaperr = ldap_bind_sW(
  549. pld,
  550. NULL,
  551. NULL,
  552. LDAP_AUTH_SSPI
  553. );
  555. if ( ( ldaperr != LDAP_SUCCESS ) && ( pwszHost == NULL ) )
  556. {
  557. ldapsaveerr = ldaperr;
  559. ldaperr = ldap_set_option(
  560. pld,
  561. LDAP_OPT_GETDSNAME_FLAGS,
  562. (LPVOID)&dwFlags
  563. );
  565. if ( ldaperr == LDAP_SUCCESS )
  566. {
  567. ldaperr = ldap_bind_sW(
  568. pld,
  569. NULL,
  570. NULL,
  571. LDAP_AUTH_SSPI
  572. );
  573. }
  574. else
  575. {
  576. ldaperr = ldapsaveerr;
  577. }
  578. }
  580. if ( ldaperr != LDAP_SUCCESS )
  581. {
  582. fResult = FALSE;
  583. SetLastError( LdapMapErrorToWin32(ldaperr) );
  584. }
  586. return( fResult );
  587. }